UKCloud_Email and Collaboration OFFICIAL (Assured)

Our Zimbra-based public cloud email service is designed exclusively for the UK Public Sector, and is compliant with GDPR and suitable for OFFICIAL workloads, based in UK Crown hosting datacentres to ensure data sovereignty. The service is scalable on-demand, flexible, billed monthly, and with full support free of charge.

Slack is accessible via any web browser that supports HTML5 and is also accessible programmatically via its API. Alternatively, Slack can be used via its own desktop client.

Web chat accessibility testing

None

Onsite support

Onsite support

Support levels

UKCloud's standard support includes Customer Success Managers, Technical Account Managers, support engineers and a 24/7 Network Operations Centre. We aim to respond to ALL incidents within 15 minutes between 08:00-20:00 every weekday.

Support available to third parties

Yes

Onboarding and offboarding

Onboarding and offboarding

Getting started

All new customers are assigned a Customer Success Manager that will provide proactive support and advise for the first 90 days. This also includes the assistance from devops and cloud architects to ensure the right solution is provisioned and maximised for the workloads, along with a range of user guides.Q Associates also has Cloud Migration services to support more detailed integration issues between public and private clouds

Service documentation

Yes

Documentation formats

HTML

ODF

PDF

Other

Other documentation formats

Video

Audio

Webinars/WebEx

Presentations

End-of-contract data extraction

The customer has complete autonomy of how data is stored and managed within their environment. Data can be extracted via API.

End-of-contract process

We will return all your data and materials which cannot be deleted or exported by you, and securely destroy all copies of your data on your written instruction. We will return any pre-paid sums for services not delivered to you. We will not penalise you for terminating your contract with us unless specifically stated in the Service Definition. We will also return all of your confidential information, unless there is a legal requirement that we keep it.Q Associates also has Cloud Exit Services on G-cloud to assist with more detailed integration issues.

Scaling

Scaling

Independence of resources

In order to guarantee that users are not affected by the demands from other users, we use reource reservations and shares such as internet bandwidth shaping. In addition, the capapcity planning team ensure that usage in terms of all resources are constantly monitored and increased accordinglty relating to user demand.

We offer the choice of connecting: • Via the internet using additional encryption such as TLS 1.2 • IPSec VPN tunnels• Via private networks such as leased lines or MPLS• Via public sector networks such as PSN, N3, Janet

Data protection within supplier network

TLS (version 1.2 or above)

Other

Other protection within supplier network

We use dedicated CAS-T circuits between each of our sites to ensure the protection of customer data in-flight. We additionally encrypt this data within our Elevated OFFICIAL platform. All data flows are also subject to our protective monitoring service.

Availability and resilience

Availability and resilience

Guaranteed availability

99.99%

Approach to resilience

Our service is deployed across a number of zones. Each zone is designed to eliminate single points of failure (such as power, network and hardware).

Outage reporting

All outages will be reported via the Service Status page and the notifications service within the UKCloud Portal. Outages are identified as Planned maintenance, Emergency maintenance, and platform issues. In addition, the designated Technical Account Manager will proactively contact customers as appropriate.

Identity and authentication

Identity and authentication

User authentication needed

Yes

User authentication

2-factor authentication

Access restrictions in management interfaces and support channels

UKCloud, our service provider - For online systems (e.g. Customer Portal & API interfaces), all users are required to have a unique username, password and memorable word combination. Customers may also use 2FA authentication tokens.

Access restriction testing frequency

At least every 6 months

Management access authentication

2-factor authentication

Audit information for users

Audit information for users

Access to user activity audit information

Users contact the support team to get audit information

How long user audit data is stored for

Between 1 month and 6 months

Access to supplier activity audit information

Users contact the support team to get audit information

How long supplier audit data is stored for

Between 1 month and 6 months

How long system logs are stored for

Between 1 month and 6 months

Standards and certifications

Standards and certifications

ISO/IEC 27001 certification

Yes

Who accredited the ISO/IEC 27001

"NQA for Q Associates LRQA for UKCloud"

ISO/IEC 27001 accreditation date

"Q Assocaites - April 2016 UKCloud - 8th May 2012"

What the ISO/IEC 27001 doesn’t cover

Nothing

ISO 28000:2007 certification

No

CSA STAR certification

Yes

CSA STAR accreditation date

"Q Associates - N/A UKCloud - 28th October 2016"

CSA STAR certification level

Level 1: CSA STAR Self-Assessment

What the CSA STAR doesn’t cover

Nothing

PCI certification

No

Other security certifications

Yes

Any other security certifications

ISO27018 - UKCloud

Security governance

Security governance

Named board-level person responsible for service security

Yes

Security governance certified

Yes

Security governance standards

CSA CCM version 3.0

ISO/IEC 27001

Other

Other security governance standards

CSA STAR, ISO27001, ISO27017, ISO27018 and ISO20000

Information security policies and processes

Q Associates are accredited to ISO27001 and independently audited each year. All staff are reviewed and tested annually in relation to their understanding of our ISO27001 policies and training aligned according to the overall results. We are also Cyber Essentials certified and have access when necessary to a team of secure staff from our QSS division who regularly deal with sensitive public-sector organisations. Full information relating to our ISO27001 policies and processes is available upon request. Additionally, our service provider, UKCloud, has a number of inter-connected governance frameworks in place which control both how the Company operates and the manner in which it delivers cloud services to its customers. These have been independently assessed and certified against ISO20000, ISO27001, ISO27017 and ISO27018 by LRQA, a UKAS accredited audit body. The Company is governed by an integrated suite of information security policies. Under the top level Information Security Policy itself are second-level documents with specific focus on Acceptable Use, Antivirus Protection, Asset Management, Business Continuity Management, Data Protection, Password Management, Personnel Management, Supply Chain Management and many others.

Operational security

Q Associates has documented configuration and change management available upon request. UKCloud, has documented configuration and change management policies and processes, which have been implemented, maintained and assessed in accordance with the guidance from ITIL v.3 and the current ISO20000 standard. Formal configuration management activities, including record management and asset reporting, are monitored and validated constantly, and any identified discrepancies promptly escalated for investigation. A robust, established process for the formal submission of change requests is mandated prior to review and approval of the daily Change Advisory Board, which is attended by a quorum of operational and technical management personnel.

Our Service provider, UKCloud has a documented vulnerability management policy and process, which have been implemented, maintained and assessed in accordance with the guidance from ITIL v.3 and the current ISO20000 and ISO27001 standards. Where technically possible, real-time updates and status reports are identified and sourced from credible vendor sources, which cover a significant proportion of UKCloud’s asset population. For other systems and software, assigned personnel have responsibility for regularly reviewing technical forums and specialist groups to promptly identify and evaluate any emerging patches or updates which require our attention.

UKCloud - Following best practice from the National Cyber Security Centre, UKCloud protects both its Assured and Elevated platforms with 24x7 enhanced protective monitoring services, vulnerability scanning and assessment. Their approach to protective monitoring at minimum meets the Protective Monitoring Controls (PMC 1-12) outlined in NCSC document GPG13 (Protective Monitoring for HMG ICT Systems). It includes checks against systems events (SIEM) and network traffic analysis, including time sources, cross-boundary traffic, suspicious activities at a boundary, network connections and status of backups. Any alerts generated are logged and investigated 24x7.

Q Associates has fully documented Incident management processes (Available on request). UKCloud has a documented incident management policy and process, which have been implemented, maintained and assessed in accordance with guidance from ITIL v.3 and the current ISO20000 and ISO27001 standards. This activity is responsible for the progression of alerts generated by automated monitoring systems, issues identified by UKCloud personnel, and incidents identified and reported to UKCloud by customers and partners. All incidents are promptly reported into a central ticketing system, which ensures each is promptly assigned to an appropriate resource, and progress tracked (and escalated, as required) to resolution.

Public sector networks

Pricing

Pricing

Price

£3.25 per unit per month

Discount for educational organisations

No

Free trial available

Yes

Description of free trial

"Free trials are available to both new and existing customers for products that haven't previously purchased or trialled. Free trials are excluded from any SLA credits and are limited to 30 days’ based on a fair usage policy. "